To enable name locking

1. In the console tree of ISA Server Management, click Firewall Policy.
2. On the Toolbox tab, click Network Objects.
3. Expand Web Listeners, and then click the applicable Web listener.
4. On the toolbar beneath Network Objects, click Edit.
5. On the RSA SecurID tab, select Use RSA ACE/Server 5.0 Name Locking feature.
6. Click Use separate user name and PASSCODE pages, if ISA Server (the RSA ACE/Agent) should prompt for the user name first, and then prompt for the PASSCODE only after the user enters the user name.

Caution

• If the server requires name locking in the Agent Host record in the RSA ACE/Server database, you must enable name locking on the Agent Host. If the server requires name locking and the Agent Host does not use the name locking feature, all authentication requests from the Agent Host will be denied. If the server does not require name locking, but it is enabled on the Agent Host, the server can process the request without using name locking.
• A malicious user can permanently lock a user with many logon attempts.

Notes

• This feature requires RSA ACE/Server 5.0 Patch 03 to be installed on the RSA ACE/Server.
• For ISA Server 2006 Enterprise Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Arrays, expand Array_Name, and then click Firewall Policy.
• For ISA Server 2006 Standard Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Server_Name, and then click Firewall Policy.

Related Topics

---

Get latest ISA Server content at ISA Server Guidance(http://www.microsoft.com/). Send feedback about this page.

• English-to-Russian translation